Prinsip Penyimpanan Data Peribadi Pekerja: Satu Kajian Perundangan di Malaysia
A Legal Analysis on The Retention Principle of Employees' Personal Data Protection in Malaysia
Keywords:
Akta Perlindungan Data Peribadi 2010, data peribadi, tanggungjawab majikan, pekerja, prinsip penyimpananAbstract
Akta Perlindungan Data Peribadi 2010 yang mula dikuatkuasakan pada tahun 2013 memberi kesan yang besar kepada pihak majikan dengan mewujudkan beberapa tanggungjawab berkaitan pemprosesan data peribadi pekerja. Sebagai majikan, terdapat keperluan untuk mengumpul dan memproses data peribadi pekerja. Penyimpanan data peribadi pekerja oleh majikan boleh menimbulkan isu sekiranya terdapat kebocoran atau penyalahgunakan data peribadi tersebut. Mengikut prinsip penyimpanan yang termaktub di dalam Akta Perlindungan Data Peribadi 2010, perlu ada tempoh had masa yang munasabah bagi majikan untuk menyimpan data peribadi pekerja. Kajian ini akan mengkaji undang-undang berkaitan penyimpanan data peribadi pekerja oleh majikan menurut Akta Perlindungan Data Peribadi 2010 dan Akta Kerja 1955. Kajian ini juga akan membincangkan tentang amalan majikan di Malaysia dalam mematuhi Prinsip Penyimpanan semasa memproses data peribadi pekerja. pematuhan prinsip peyimpanan data peribadi pekerja yang perlu dilaksanakan oleh majikan. Kaedah yang digunakan adalah kajian kepustakaan dan analisis dokumen. Kajian ini akan menjadi rujukan kepada organisasi dalam melaksanakan peruntukan-peruntukan APDP 2010 dan sekaligus memberi kesedaran kepada pekerja dalam mengetahui hak-hak mereka ketika berkongsi data peribadi dengan majikan.
The Personal Data Protection Act 2010 which has been enforced since 2013 has a great impact on employers as it introduces some obligations concerning the processing of employees’ personal data. As an employer, there is a need to collect and process personal data of the employees. The collection of these data could be an issue if there were data leakage or data misuse. According to the principle of retention which is embodied in the Personal Data Protection Act 2010, an employer may retain the personal data of employees only for a reasonable period. This article will study the relevant laws relating to the retention of employees’ personal data particullarly the Personal Data Protection Act 2010 (PDPA 2010) and the Employment Act 1955. This article will also discuss the practice of employers in Malaysia in complying with the retention principle when processing employees’ personal data. The methods used are library-based research and document analysis. This paper could be a reference to organisations in complying with the legal provisions of PDPA 2010 and in providing awareness to the employees as to their rights when they have to share their personal data with the employers.
Downloads
References
Adlin Abdul Majid, Shariffullah Majeed and Arissa Ahrom. (2019). Managing Employee Data Under the Personal Data Protection Act 2010. Legal Herald, December 2019. Diakses daripada https://www.lh-ag.com/wp-content/uploads/2019/12/4_Managing-Employee-Data.pdf
Ball, Kirstie; Daniel, Elizabeth and Stride, Chris (2013). Dimensions of employee privacy: an empirical study. Information Technology and People (In press).
Butler Smith, L. (2009). Workplace privacy: We’ll be watching you. Ohio NUL Rev. 35, 53.
Chia Swee Yik. (2017). Basics of Personal Data Protection for Employee. Chia, Lee and Associates. Retrieved from https://chialee.com.my/basics-of-personal-data-protection-for- employers/
Furnell, S., Clarke, N. (2012). Power to People? The Evolving Recognition of Human Aspects of Security. Computer & Security 31(8): 983-988.
Hanshe, S. (2001). Designing a security awareness plan: Part I. Information Systems Security, 14-22.
Hassan, Kamal. (2012). Personal data protection in employment: New legal challenges for Malaysia. Computer Law & Security Review. 28. 696–703. 10.1016/j.clsr.2012.07.006.
Kusumoningtyas, A. A., & Nasional, P. K. K. (1997). DILEMA HAK PERLINDUNGAN DATA PRIBADI DAN PENGAWASAN SIBER: TANTANGAN DI MASA DEPAN. Jurnal Legislasi Indonesia. Vol 17, No 2 (2020): Jurnal Legislasi Indonesia - Juni 2020, Direktorat Jenderal Peraturan Perundang-undang, Kementerian Hukum dan Hak Asasi Manusia.
Portal Rasmi Jabatan Perlindungan Data Peribadi. (2020). Tatacara Pengendalian Bagi Aktiviti Pengumpulan, Pemprosesan Dan Penyimpanan Data Peribadi Oleh Premis Perniagaan Semasa Perintah Kawalan Pergerakan Bersyarat (PKPB) 2020.
Mageswari M. (2017). College Operator First to be Hauled to Court under PDP Act. The Star, 4 May 2017. Retrieved from https://www.thestar.com.my/news/nation/2017/05/04/college-operator-first-to-be-hauled-to-court-under-pdp-act/#UmM5brVGW1SryPhh.99
Marina Abdul Manap. (2020). Perkembangan Undang-Undang Privasi Di England Dan Malaysia: Satu Tinjauan. Journal of Law & Governance, Volume 3 (No. 1) 2020:1-17. e-ISSN: 2637-0743.
Mayvin Loo. (2015. Workplace Tips on Personal Data Protection. DPO Connect. Personal Data Protection Commission Singapore. August 2015.
Michael J Kavanagh & Richard D. Johnson (2018). Human Resource Information System, Basic Application & future Direction 4th edision. SAGA Publishing
Mohd Hamdan Haji Adnan. (2015). Peranan Media Massa Memartabatkan Integriti Nasional. Jurnal Komunikasi Borneo 2015. Vol 2.
Muhammad Adnan Pitchan & Siti Zobidah Omar. (2019). Dasar Keselamatan Siber Malaysia: Tinjauan Terhadap Kesedaran Netizen dan Undang-Undang (Cyber Security Policy: Review on Netizen Awareness and Laws). Jurnal Komunikasi: Malaysian Journal of Communication. 35. 103-119. 10.17576/JKMJC-2019-3501-08.
Muhammad Faheem & Hasnira Md Lazim. (2014). The Privacy Concerns Of Kptm Bangi's Students Regarding The Online Application In KPTM Website. Diakses daripada (PDF) THE PRIVACY CONCERNS OF KPTM BANGI'S STUDENTS REGARDING THE ONLINE APPLICATION IN KPTM WEBSITE (researchgate.net)
Norshima Humaidi (Mei 21, 2021). Kesedaran keselamatan maklumat masih rendah. Berita Harian Online. Diakses pada 14 September 2021 daripada https://www.bharian.com.my/rencana/komentar/2021/05/819081/kesedaran-keselamatan-maklumat-masih-rendah
Nurhaziemah Adevin dan Nurul Aiman Syazwani Muhd Nor (2019). Pengaruh Human Resource Imformation System (Hris) Dalam Pengurusan Perubahan Tempat Kerja. Diakses daripada https://www.researchgate.net/publication/337631906_PENGARUH_HUMAN_RESOURCE_IMFORMATION_SYSTEM_HRIS_DALAM_PENGURUSAN_PERUBAHAN_TEMPAT_KERJA
Pesuruhjaya Perlindungan Data Peribadi. (2020). Tataamalan Perlindungan Data Peribadi Untuk Sektor Utiliti (Elektrik). Diakses pada 30 September 2021 daripada https://www.pdp.gov.my/jpdpv2/tata_amalan/tataamalan-perlindungan-data-peribadi-untuk-sektor-utiliti-elektrik-versi-2-0-bahasa-melayu/
Rantos, K., Fysarakis, K., Manafavis, C. (2012). How effective is your security awareness program? An evaluation methodology, Information Security Journal: A Global Perspective, 21(6), 328-345.
Roman, J. (2015). Universities: prime breach targets. Retrieved from https://www.databreachtoday.asia/universities-prime-breach-targets-a-7865
Ross Kelly (2017). Almost 90% of Cyber Attcks are Caused by Human Error or Behavior. Chief Executive. Diakses daripada https://chiefexecutive.net/almost-90-cyber-attacks-caused-human-error-behavior/
Sinar Harian (Oktober 20, 2019). Penggodam papar data dalam internet. Astro Awani. Diakses pada 15 September 2021 daripada https://www.astroawani.com/berita-malaysia/penggodam-papar-data-dalam-internet-220542
Sonny Zulhuda dan Maryam Delpisheh (2011). Personal Data “Up in the Air”: A Tale of Two Malaysian Airlines in Dealing with Consumers Online Privacy. International Conference on Social Science and Humanity. IPEDR vol.5 (2011), IACSIT Press, Singapore.
Stone-Romero, E.F.; Stone, D.L. and Hyatt, D. (2003), “Personal selection procedures and invasion of
privacy”, Journal of Social Issues, Vol 59 No 2, pp. 343 – 368.
Suara Sinar (Ogos 27, 2020). Isu Rekod Data Peribadi ketika COVID-19. Sinar Harian. Diakses daripada https://www.sinarharian.com.my/article/98460/SUARA-SINAR/Lidah-Pengarang/Isu-rekod-data-peribadi-ketika-Covid-19
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2021 Journal of Muwafaqat
This work is licensed under a Creative Commons Attribution 4.0 International License.
